In the dual-server setup, which virtual host flavor is used
on the frontend (reverse proxy) server is irrelevant. When running a
large number of virtual hosts, it is generally preferable to use
name-based virtual hosts, since they share a single IP address. HTTP
clients have been supporting this since 1995.

SSL-enabled sites cannot use this scheme, however. This is because
when using SSL, all HTTP traffic is encrypted, and this includes the
request's Host: header. This
header is unavailable until the SSL handshake has been performed, and
that in turn requires that the request has been dispatched to the
appropriate virtual host, because the SSL handshake depends on that
particular host's SSL certificate. For this reason,
each SSL-enabled virtual host needs its own, unique IP address. You
can still use name-based virtual hosts along with SSL-enabled virtual
hosts in the same configuration file, though.

For the backend mod_perl-enabled server, we recommend using
port-based virtual hosts using the IP address 127.0.0.1
(localhost). This enforces the fact that this
server is accessible only from the frontend server and not directly
by clients.